Privacy-preserving Biometrics based Authentication and Security. Password based authentication systems cannot verify genuine users. Biometric authentication can address this issue. However, the booming IoT applications and cloud computing require that the biometric authentication must be conducted in the privacy-protected setting in order to comply with privacy protection legal regulations. Latest reports show that current biometric authentication systems, under protected setting, exhibit poor ....Privacy-preserving Biometrics based Authentication and Security. Password based authentication systems cannot verify genuine users. Biometric authentication can address this issue. However, the booming IoT applications and cloud computing require that the biometric authentication must be conducted in the privacy-protected setting in order to comply with privacy protection legal regulations. Latest reports show that current biometric authentication systems, under protected setting, exhibit poor authentication performance, which is not commercially applicable. This project aims to investigate innovative solutions to this issue. The intended deliverables will include deep learning based biometric feature extractor, cancellable biometrics and cloud oriented biometrics security protocols. Read moreRead less
Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider a ....Preventing sensitive data exfiltration from insiders . Confidential data such as military secrets or intellectual property must never be disclosed outside the organisation; formally protecting data exfiltration from insider attacks is a major challenge. This project aims to develop a pattern matching based systematic methodology for data exfiltration in database systems. We will devise highly accurate detection tools and secure provenance techniques that can effectively protect against insider attacks. The outcomes of the project will incorporate new security constraints and policies raised by emerging technologies to enable better protection of sensitive information. Read moreRead less
Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This pr ....Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This project aims to develop a continuous authentication approach based on user behaviour - typical interactions plus biometrics (for example, keystroke dynamics) - combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE170101081
Funder
Australian Research Council
Funding Amount
$360,000.00
Summary
Adaptive value-flow analysis to improve code reliability and security. This project aims to develop client-driven adaptive value-flow analysis to detect software bugs in system software written in the C/C++ programme language. Static analysis tools for automated code inspections can benefit software developers, but are imprecise, inefficient and not user-friendly for analysing real-world industrial-sized software. The project will investigate static, dynamic and user-guided value-flow analysis t ....Adaptive value-flow analysis to improve code reliability and security. This project aims to develop client-driven adaptive value-flow analysis to detect software bugs in system software written in the C/C++ programme language. Static analysis tools for automated code inspections can benefit software developers, but are imprecise, inefficient and not user-friendly for analysing real-world industrial-sized software. The project will investigate static, dynamic and user-guided value-flow analysis to efficiently and precisely analyse large-scale programs according to clients’ needs, thereby allowing compilers to generate safe, reliable and secure code. This project is expected to advance value-flow analysis for industrial-sized software, improve software reliability and security, and benefit Australian software systems and industries.Read moreRead less
A fast and effective automated insider threat detection and prediction system. Threats from insiders directly compromises the security, privacy and integrity of Australian e-commerce, large databases and communication channels. This project will provide an essential step in combating this criminal activity by developing methods to detect such threats and secure the public's information against exposure and identity theft.
Privacy preserving and data utility in outsourced systems. Making the best tradeoff between data privacy and utility is a vital challenge in privacy-preserving outsourcing environments. This project aims to develop a balanced distributed framework to achieve the best utility of outsourced data while protecting private information. The framework consists of general structure of distributed evolutionary algorithms and a predefined topology for high optimization efficiency and a dynamic groupin ....Privacy preserving and data utility in outsourced systems. Making the best tradeoff between data privacy and utility is a vital challenge in privacy-preserving outsourcing environments. This project aims to develop a balanced distributed framework to achieve the best utility of outsourced data while protecting private information. The framework consists of general structure of distributed evolutionary algorithms and a predefined topology for high optimization efficiency and a dynamic grouping recombination model. The project outcomes will be beneficial to applications in the nation as it incorporates new privacy constraints and utility requirements raised by emerging technologies to enable better protection of sensitive information and maximal data utility in outsourced systems. Read moreRead less
Developing A Smart Farming Oriented Secure Data Infrastructure. Smart farming is the future of agriculture. However, recently the Federal Bureau of Investigation has issued a
warning that the lack of data privacy and cyber security mechanisms in the field runs a high risk of disaster. This
project aims to establish an innovative secure data infrastructure for smart farming including secure and automated smart farming supply-chain management. The deliverables of this project will include the cutt ....Developing A Smart Farming Oriented Secure Data Infrastructure. Smart farming is the future of agriculture. However, recently the Federal Bureau of Investigation has issued a
warning that the lack of data privacy and cyber security mechanisms in the field runs a high risk of disaster. This
project aims to establish an innovative secure data infrastructure for smart farming including secure and automated smart farming supply-chain management. The deliverables of this project will include the cutting-edge Blockchain based secure IoT data management and privacy-preserving smart contracts for smart farming supply-chain management. This data infrastructure will be the first of its kind which will lay a solid foundation for smart farming technology.Read moreRead less
MemberGuard: Protecting Machine Learning Privacy from Membership Inference. Machine Learning has become a core part of many real-world applications. However, machine learning models are vulnerable to membership inference attacks. In these attacks, an adversary can infer if a given data record has been part of the model's training data. In this project, the team aims to develop new techniques that can be used to counter these attacks, such as 1) new analytical models for membership leakage, 2) ne ....MemberGuard: Protecting Machine Learning Privacy from Membership Inference. Machine Learning has become a core part of many real-world applications. However, machine learning models are vulnerable to membership inference attacks. In these attacks, an adversary can infer if a given data record has been part of the model's training data. In this project, the team aims to develop new techniques that can be used to counter these attacks, such as 1) new analytical models for membership leakage, 2) new methods for susceptibility diagnosis, 3) new defences that leverage privacy and utility. Data-oriented services are estimated to be valuable assets in the future. These techniques can help Australia gain cutting edge advantage in machine learning security and privacy and protect its intellectual property on these services.Read moreRead less
DeepHoney: Automatic Honey Data Generation for Active Cyber Defence . This project aims to enhance the security of networks and information systems by empowering them with intelligent deception techniques to achieve proactive attack detection and defence. In recent times, the fictitious environment – honeypot designed by human experience becomes popular to attract attackers and capture their interactions. However, rules-based construction of honeypots fails in preserving the privacy, boosting th ....DeepHoney: Automatic Honey Data Generation for Active Cyber Defence . This project aims to enhance the security of networks and information systems by empowering them with intelligent deception techniques to achieve proactive attack detection and defence. In recent times, the fictitious environment – honeypot designed by human experience becomes popular to attract attackers and capture their interactions. However, rules-based construction of honeypots fails in preserving the privacy, boosting the attractiveness and evolving the system. The project expects to advance deep learning and yield novel DeepHoney technologies with associated publications and open-source software. This should benefit science, society, and the economy by building the next generation of active cyber defence systems. Read moreRead less
Symbolic synthesis of knowledge-based program implementations. Systems with concurrent streams of activity are ubiquitous in computer hardware and software designs, but are conceptually complex, and fraught with faults and inefficiency. The project aims to address these difficulties by automating aspects of system design, to relieve the designer of the need to reason about complex patterns of information flow.